Amazon Linux 2023 : python3.12, python3.12-devel, python3.12-idle (ALAS2023-2025-1135)

It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2025-1135 advisory. There is a defect in the CPython tarfile module affecting the TarFile extraction and entry enumeration APIs. The tar implementation would process tar archives with negative offsets without error,...

Amazon Linux 2023 : python3.13, python3.13-devel, python3.13-freethreading (ALAS2023-2025-1147)

It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2025-1147 advisory. There is a defect in the CPython tarfile module affecting the TarFile extraction and entry enumeration APIs. The tar implementation would process tar archives with negative offsets without error,...

Important: python3.11

Issue Overview: There is a defect in the CPython "tarfile" module affecting the "TarFile" extraction and entry enumeration APIs. The tar implementation would process tar archives with negative offsets without error, resulting in an infinite loop and deadlock during the parsing of maliciously...

Important: python3.9

Issue Overview: There is a defect in the CPython "tarfile" module affecting the "TarFile" extraction and entry enumeration APIs. The tar implementation would process tar archives with negative offsets without error, resulting in an infinite loop and deadlock during the parsing of maliciously...

Important: python3.13

Issue Overview: There is a defect in the CPython "tarfile" module affecting the "TarFile" extraction and entry enumeration APIs. The tar implementation would process tar archives with negative offsets without error, resulting in an infinite loop and deadlock during the parsing of maliciously...

Linux Distros Unpatched Vulnerability : CVE-2025-8194

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - There is a defect in the CPython tarfile module affecting the TarFile extraction and entry enumeration APIs. The tar implementation would process tar archives...

Amazon Linux 2023 : python3, python3-devel, python3-idle (ALAS2023-2025-1146)

It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2025-1146 advisory. There is a defect in the CPython tarfile module affecting the TarFile extraction and entry enumeration APIs. The tar implementation would process tar archives with negative offsets without error,...

CVE-2025-51986

An issue was discovered in the demo/LINUXTCP implementation of cwalter-at freemodbus v.2018-09-12 allowing attackers to reach an infinite loop via a crafted length value for a packet...

Linux Distros Unpatched Vulnerability : CVE-2022-48630

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: crypto: qcom-rng - fix infinite loop on requests not multiple of WORDSZ The commit reference...

Linux Distros Unpatched Vulnerability : CVE-2025-38001

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: netsched: hfsc: Address reentrant enqueue adding class to eltree twice Savino says: We are...

CVE-2025-51986

An issue was discovered in the demo/LINUXTCP implementation of cwalter-at freemodbus v.2018-09-12 allowing attackers to reach an infinite loop via a crafted length value for a packet...

CVE-2025-20136

A vulnerability in the function that performs IPv4 and IPv6 Network Address Translation NAT DNS inspection for Cisco Secure Firewall Adaptive Security Appliance ASA Software and Cisco Secure Firewall Threat Defense FTD Software could allow an unauthenticated, remote attacker to cause the device t...

CVE-2025-20217

A vulnerability in the packet inspection functionality of the Snort 3 Detection Engine of Cisco Secure Firewall Threat Defense FTD Software could allow an unauthenticated, remote attacker to cause a denial of service DoS condition on an affected device. This vulnerability is due to incorrect...

CVE-2025-20253 Cisco IOS, IOS XE, Secure Firewall Adaptive Security Appliance, and Secure Firewall Threat Defense Software IKEv2 Denial of Service Vulnerability

A vulnerability in the IKEv2 feature of Cisco IOS Software, IOS XE Software, Secure Firewall ASA Software, and Secure FTD Software could allow an unauthenticated, remote attacker to cause the device to reload, resulting in a DoS condition. This vulnerability is due to the improper processing of...

CVE-2025-20217 Cisco Firepower Threat Defense Intrusion Detection Denial of Service Vulnerability

A vulnerability in the packet inspection functionality of the Snort 3 Detection Engine of Cisco Secure Firewall Threat Defense FTD Software could allow an unauthenticated, remote attacker to cause a denial of service DoS condition on an affected device. This vulnerability is due to incorrect...

CVE-2025-20136 Cisco Adaptive Security Appliance and Firepower Threat Defense Software Network Address Translation DNS Inspection Denial of Service Vulnerability

A vulnerability in the function that performs IPv4 and IPv6 Network Address Translation NAT DNS inspection for Cisco Secure Firewall Adaptive Security Appliance ASA Software and Cisco Secure Firewall Threat Defense FTD Software could allow an unauthenticated, remote attacker to cause the device t...

CVE-2025-20136

CVE-2025-20136 affects Cisco Secure Firewall ASA/FTD DNS inspection when NAT44/NAT64/NAT46 is configured. An unauthenticated attacker can trigger an infinite loop by sending crafted DNS packets that match a static NAT rule with DNS inspection enabled, causing the device to reload and resulting in...

CVE-2025-20136 Cisco Adaptive Security Appliance and Firepower Threat Defense Software Network Address Translation DNS Inspection Denial of Service Vulnerability

A vulnerability in the function that performs IPv4 and IPv6 Network Address Translation NAT DNS inspection for Cisco Secure Firewall Adaptive Security Appliance ASA Software and Cisco Secure Firewall Threat Defense FTD Software could allow an unauthenticated, remote attacker to cause the device t...

Cisco Secure Firewall Threat Defense Software Snort 3 Denial of Service Vulnerability

A vulnerability in the packet inspection functionality of the Snort 3 Detection Engine of Cisco Secure Firewall Threat Defense FTD Software could allow an unauthenticated, remote attacker to cause a denial of service DoS condition on an affected device. This vulnerability is due to incorrect...

Security update for ImageMagick

This update for ImageMagick fixes the following issues: CVE-2025-53014: Fixed an off-by-one error may cause an out-of-bounds memory access bsc1246530 CVE-2025-53015: Fixed specific XMP file conversion may cause an infinite loop bsc1246531 CVE-2025-53019: Fixed format specifiers in a filename...